Date: Mon, 12 Jul 1999 13:25:26 -0700 (PDT) From: Julian Elischer <julian@whistle.com> To: Doug Rabson <dfr@nlsystems.com> Cc: Karl Pielorz <kpielorz@tdx.co.uk>, Mark Newton <newton@internode.com.au>, crypt0genic@ecad.org, hackers@FreeBSD.ORG Subject: Re: (forw) Message-ID: <Pine.BSF.3.95.990712132403.2595D-100000@current1.whistle.com> In-Reply-To: <Pine.BSF.4.10.9907122036060.58023-100000@salmon.nlsystems.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 12 Jul 1999, Doug Rabson wrote: > On Mon, 12 Jul 1999, Karl Pielorz wrote: > > > > > > > Mark Newton wrote: > > > > > > Karl Pielorz wrote: > > > > > > > Yes, a nice, effective - and simply way of replacing syscall's on FreeBSD... > > > > Some might say a little too 'simple'? > > > > > > Garbage. You can do this on any OS, whether it supports loadable > > > modules or not, if you've managed to win sufficient privileges through > > > some other means. > > > > I was actually leaning towards that... My boss had kittens here (we have 12 > > FreeBSD boxes running the show now), until I'd explained it to him... If > > syscall's need to be replaced, they need to be replaced - and if they are > > replaceable ... (I'll stop there) :) > > > > The article (from what I can remember) didn't actually go out of it's way to > > say you have to have be root to load the modules in the first place :) - Maybe > > it's warrants some kind of response page putting up somewhere? - this is also > > getting off topic for -hackers :(... > > It was mentioned when describing the conditions for allowing the file load > (securelevel == 0 && uid == 0). which suggests that most important servers should be run whith securelevel > 0 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.990712132403.2595D-100000>